Job Administration
SAP Authorization Concept
The core of the three-layer model is the application layer. This consists of one or more application servers and a message server. Companies use the application server to provide services for the operation of applications in SAP. The message server serves as an "intermediary" between the applications and services, for example, by controlling communication between the individual application servers and determining the load on the application servers. Furthermore, the data is prepared for the user in the application view so that the user can call up the data visually in the presentation layer. At the same time, the user data is forwarded to the database.
The higher the degree of standardisation of operational and maintenance tasks, the more effective the technical operation and maintenance can be. At the same time, this simplifies outsourcing and, if necessary, the use of a cloud solution. CHOOSING AN APPROPRIATE SERVICE FORM Regardless of the chosen service form, as well as outsourcing and outtasking, the overall responsibility for the availability and performance of the IT-supported applications remains with the company. This still means internal coordination of maintenance windows or release booths, which remains in place. Similarly, the services provided by the external partner must be regularly monitored and their quality checked. Therefore, the chosen IT strategy must be chosen from this point of view with the lowest risk. If the technical operation is not sufficiently assessed in the decision, there is a significant business risk.
SWI2_DIAG Access to work item analysis (SWI2)
Customers with such a case regularly contact us. Creating a Permission Concept from the ground up is often a time-consuming task. Furthermore, the know-how, which aspects should be dealt with in an authorisation concept and how the corresponding processes can look practical and at the same time audit-proof is often lacking. Our solution: tool-based generation of an individual, written authorisation concept In this situation, we have recommended to our customers the tool-based generation of a written authorisation concept directly from the SAP system. We use the XAMS Security Architect tool, with which we have had good experiences. This includes a template for a revision-proof and comprehensible, written authorisation concept. It includes established best practices for role and entitlement management. The template covers all relevant areas in a permission concept. The included text of the authorisation concept is completely customisable, so that the concept can be tailored to your situation without creating a permission concept from scratch. Dynamically update the written authorisation concept One of the biggest challenges after the development of an authorisation concept is to keep it up to date in the long term and to measure the sustainable implementation in the system. This is achieved by integrating live data such as configuration settings and defined rules directly from the connected system. For example, lists of existing roles or user groups and tables are read from the system each time the document is generated and updated in the permission concept. The following screenshot shows an example of what the appearance in the concept document might look like. Automatically check and monitor compliance with the concept To check compliance with the concept, the XAMS Security Architect includes extensive inspection tools. These cover the rules formulated in the concept and are suitable for measuring the extent to which the reality in the system meets the requirements formulated in the concept.
ITIL stands for The IT Infrastructure Library. ITIL is a summary of "best practices" rules for professional implementation of IT service management. ITIL has established itself as an international standard in the area of IT business processes. The ITIL set of rules describes the processes, the organizational structure and the tools required for IT infrastructure. ITIL is based on the economic added value that IT operations provide for the company. itSMF Deutschland eV has further developed and improved these standards, and at the same time operates a portal for exchanging knowledge and experience.
The "Shortcut for SAP Systems" tool is ideal for doing many tasks in the SAP basis more easily and quickly.
Understanding the structure and functioning of the system is especially important for IT administration. It is not for nothing that "SAP Basis Administrator" is a separate professional field. On the page www.sap-corner.de you will find useful information on this topic.
You may be aware of the situation where you want to approve a transport order quickly after the test has been completed and you have clicked in the system when the order was released.
In order to achieve the associated goals of the company and to implement them as effectively and efficiently as possible, the SAP basis must contribute to the design of an IT roadmap and to the design of the digitisation and also cloud strategy.